Robert Gellman | @Info.Policy:The ills of sharing health network data

Robert Gellman

One of the big IT projects of the coming decade is the National Health Information Network, or NHIN. No one really knows what NHIN is, what data it will contain or how it will be controlled. Still, the broad argument for using more IT in health care makes sense. It's the details that present tough choices and killer conflicts.

Let's look at a couple of issues. Advocates of NHIN talk glowingly about more patient involvement in their health care and more control over their records. How will that work in the research context?

Today, a researcher who wants patient records needs permission from an institutional review board. An IRB can waive the requirement to get patient consent for access. This makes sense because it is completely impractical today to ask patients individually for consent. An IRB provides a reasonable way to balance patient rights and research needs.

Suppose we have NHIN in place. Researchers love NHIN because they think that it will be easier for them to access more patient records. But will it?

Many patients will be tied into the network and accessible via e-mail. If a researcher wants to use a record for research, it will be possible to contact each patient to ask for consent. IRBs will still oversee other aspects of research, but we won't need them to grant privacy waivers anymore.

Researchers will hate this idea like poison. If patients can opt out of research, some will. Researchers want all records because they fear, with some justification, that missing records will skew their results. But how can anyone justify not asking patients for permission if it is easy to ask?

Here's a second problem. Let's suppose that the network maintains some substantive patient information, as opposed to records being maintained offline and controlled by the record keeper. Now let's look at research access again.

Today, a researcher who wants to use records from a hospital needs permission from an IRB and from the hospital. A hospital can say no if it doesn't agree with the research. Some record keepers won't cooperate with research relating to abortion, stem cells or other topics with religious or moral overtones.

Under NHIN, anyone with access to the network might be able to allow a researcher to retrieve available data. The researcher gets his ticket punched at his local IRB and goes straight to the nearest NHIN terminal. No need to ask the original record keeper, because records are accessible everywhere. Most of the benefits of the network result from easy, widespread accessibility.

Want to let that hospital decide about researcher access? It isn't easy. In a networked environment, it can be impossible to tell who is the record keeper. A doctor at a hospital orders a test from an independent lab. Does the doctor, hospital, lab, health plan that paid for the test or patient decide who can use the record for research?

If the researcher has to ask permission, some record keepers may be buried in requests. The burden of responding might be enormous, and some smaller institutions or solo doctors might automatically say no to all.

We've only scratched the surface of the policy issues NHIN will force us to decide. The two examples illustrate how a network will require us to confront conflicts we have avoided in the past or resolved in ways that may no longer work.
Finding the zillions of dollars and developing the necessary technical standards will be child's play compared to the policy choices NHIN will present.

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above